Japan’s National Police Accuse Lazarus, a North Korean Hacking Organization, For Years of Crypto-Related Attacks

Law enforcement in Japan has identified “Lazarus“, a hacker gang based in North Korea, as the culprit for a string of crypto-related cyber assaults spanning several years.

The National Police Agency (NPA) and the Financial Services Agency (FSA) of Japan issued a cautionary public statement on October 14 advising Japanese crypto-asset enterprises to be on the lookout for phishing assaults from a hacking gang intent on stealing cryptocurrency.

According to local news outlets, the government has issued a public attribution, or advisory statement, for the sixth time in recorded history.

The statement warns that the hacker collective engages in social engineering through phishing assaults, in which they pretend to be high-ranking officials from the targeted firm to trick the latter’s workers into opening infected files or clicking on dangerous links.

Phishing: An Attack Strategy

This gang of hackers sends phishing emails to workers by posing as executives of the target organization, using fake accounts on social networking sites, and claiming to undertake commercial transactions. The cyber-attack gang uses the virus as a gateway into the victim’s network.

The NPA and the FSA issued a joint statement warning businesses that North Korean hackers often employ phishing as an attack method, advising them to save their private keys in an offline environment and not to click email attachments or URLs carelessly.

The message continued by advising people and organizations not to download data from sources other than those whose validity can be confirmed, particularly for applications connected to cryptographic assets.

The NPA also advised users to install security software, adopt multi-factor authentication, and not use the same password across devices and services, all of which are meant to increase the security of digital asset holders’ information.

Several of these assaults have been carried out effectively against Japanese digital asset businesses, the NPA said, albeit it did not provide more information.

The Reconnaissance General Bureau of North Korea, a state-run foreign intelligence organization, is said to have ties to the Lazarus Group.

Global IT Company Trend Micro’s Katsuyuki Okamoto told The Yomiuri Shimbun,

“Lazarus first targeted banks in different nations, but lately it has been targeting for crypto assets that are controlled more loosely.”

They are suspected of the $100 million assault on the layer-1 blockchain Harmony and have been blamed for the $650 million Ronin Bridge vulnerability in March.